# Filters added to this controller apply to all controllers in the application.
# Likewise, all the methods added will be available for all controllers.

class ApplicationController < ActionController::Base
  before_filter :authorize, :except => :login
  helper :all # include all helpers, all the time
  protect_from_forgery # See ActionController::RequestForgeryProtection for details
  layout "app"

  # Scrub sensitive parameters from your log
  # filter_parameter_logging :password

protected
  def authorize
    unless User.find_by_id(session[:user_id])
      reset_session
      session[:original_uri] = request.request_uri
      flash[:error] = "Please log in"
      redirect_to :controller => 'admin', :action => 'login'
    end
  end
  
  def require_user_lib
    unless session[:user_id] && User.find_by_id(session[:user_id]).is_admin
      reset_session
      flash[:error] = "You have to be administrator to see all messages and users"
      redirect_to :controller => 'admin', :action => 'login'
    end
  end
end
